pool/umoci
SHA256
12
0
Fork 2
Code Issues Pull Requests Activity

Accepting request 512069 from home:cyphar:containers

Browse Source 
- Update to umoci v0.3.0. Upstream changelog:
	- `umoci` now passes all of the requirements for the [CII best practices bading
	  program][cii]. openSUSE/umoci#134
	- `umoci` also now has more extensive architecture, quick-start and roadmap
	  documentation. openSUSE/umoci#134
	- `umoci` now supports [`1.0.0` of the OCI image
	  specification][ispec-v1.0.0] and [`1.0.0` of the OCI runtime
	  specification][rspec-v1.0.0], which are the first milestone release. Note
	  that there are still some remaining UX issues with `--image` and other parts
	  of `umoci` which may be subject to change in future versions. In particular,
	  this update of the specification now means that images may have ambiguous
	  tags. `umoci` will warn you if an operation may have an ambiguous result, but
	  we plan to improve this functionality far more in the future.
	  openSUSE/umoci#133 openSUSE/umoci#142
	- `umoci` also now supports more complicated descriptor walk structures, and
	  also handles mutation of such structures more sanely. At the moment, this
	  functionality has not been used "in the wild" and `umoci` doesn't have the UX
	  to create such structures (yet) but these will be implemented in future
	  versions. openSUSE/umoci#145
	- `umoci repack` now supports `--mask-path` to ignore changes in the rootfs
	  that are in a child of at least one of the provided masks when generating new
	  layers. openSUSE/umoci#127
	- Error messages from `github.com/openSUSE/umoci/oci/cas/drivers/dir` actually
	  make sense now. openSUSE/umoci#121
	- `umoci unpack` now generates `config.json` blobs according to the [still
	  proposed][ispec-pr492] OCI image specification conversion document.
	  openSUSE/umoci#120
	- `umoci repack` also now automatically adding `Config.Volumes` from the image
	  configuration to the set of masked paths.  This matches recently added
	  [recommendations by the spec][ispec-pr694], but is a backwards-incompatible
	  change because the new default is that `Config.Volumes` **will** be masked.
	  If you wish to retain the old semantics, use `--no-mask-volumes` (though make
	  sure to be aware of the reasoning behind `Config.Volume` masking).
	  openSUSE/umoci#127
	- `umoci` now uses [`SecureJoin`][securejoin] rather than a patched version of
	  `FollowSymlinkInScope`. The two implementations are roughly equivalent, but
	  `SecureJoin` has a nicer API and is maintained as a separate project.
	- Switched to using `golang.org/x/sys/unix` over `syscall` where possible,
	  which makes the codebase significantly cleaner. openSUSE/umoci#141

	[cii]: https://bestpractices.coreinfrastructure.org/projects/1084
	[rspec-v1.0.0]: https://github.com/opencontainers/runtime-spec/releases/tag/v1.0.0
	[ispec-v1.0.0]: https://github.com/opencontainers/image-spec/releases/tag/v1.0.0
	[ispec-pr492]: https://github.com/opencontainers/image-spec/pull/492
	[ispec-pr694]: https://github.com/opencontainers/image-spec/pull/694
	[securejoin]: https://github.com/cyphar/filepath-securejoin

OBS-URL: https://build.opensuse.org/request/show/512069
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/umoci?expand=0&rev=23
This commit is contained in:
Aleksa Sarai
2017-07-24 10:39:50 +00:00
committed by Git OBS Bridge
parent da3caa6b6d
commit f3781ab7f3
7 changed files with 77 additions and 27 deletions
Download Patch File Download Diff File Expand all files Collapse all files

52
umoci.changes
View File

@@ -1,8 +1,58 @@
-------------------------------------------------------------------
Sat Jul 22 15:57:44 UTC 2017 - asarai@suse.com
- Update to umoci v0.3.0. Upstream changelog:
- `umoci` now passes all of the requirements for the [CII best practices bading
program][cii]. openSUSE/umoci#134
- `umoci` also now has more extensive architecture, quick-start and roadmap
documentation. openSUSE/umoci#134
- `umoci` now supports [`1.0.0` of the OCI image
specification][ispec-v1.0.0] and [`1.0.0` of the OCI runtime
specification][rspec-v1.0.0], which are the first milestone release. Note
that there are still some remaining UX issues with `--image` and other parts
of `umoci` which may be subject to change in future versions. In particular,
this update of the specification now means that images may have ambiguous
tags. `umoci` will warn you if an operation may have an ambiguous result, but
we plan to improve this functionality far more in the future.
openSUSE/umoci#133 openSUSE/umoci#142
- `umoci` also now supports more complicated descriptor walk structures, and
also handles mutation of such structures more sanely. At the moment, this
functionality has not been used "in the wild" and `umoci` doesn't have the UX
to create such structures (yet) but these will be implemented in future
versions. openSUSE/umoci#145
- `umoci repack` now supports `--mask-path` to ignore changes in the rootfs
that are in a child of at least one of the provided masks when generating new
layers. openSUSE/umoci#127
- Error messages from `github.com/openSUSE/umoci/oci/cas/drivers/dir` actually
make sense now. openSUSE/umoci#121
- `umoci unpack` now generates `config.json` blobs according to the [still
proposed][ispec-pr492] OCI image specification conversion document.
openSUSE/umoci#120
- `umoci repack` also now automatically adding `Config.Volumes` from the image
configuration to the set of masked paths. This matches recently added
[recommendations by the spec][ispec-pr694], but is a backwards-incompatible
change because the new default is that `Config.Volumes` **will** be masked.
If you wish to retain the old semantics, use `--no-mask-volumes` (though make
sure to be aware of the reasoning behind `Config.Volume` masking).
openSUSE/umoci#127
- `umoci` now uses [`SecureJoin`][securejoin] rather than a patched version of
`FollowSymlinkInScope`. The two implementations are roughly equivalent, but
`SecureJoin` has a nicer API and is maintained as a separate project.
- Switched to using `golang.org/x/sys/unix` over `syscall` where possible,
which makes the codebase significantly cleaner. openSUSE/umoci#141
[cii]: https://bestpractices.coreinfrastructure.org/projects/1084
[rspec-v1.0.0]: https://github.com/opencontainers/runtime-spec/releases/tag/v1.0.0
[ispec-v1.0.0]: https://github.com/opencontainers/image-spec/releases/tag/v1.0.0
[ispec-pr492]: https://github.com/opencontainers/image-spec/pull/492
[ispec-pr694]: https://github.com/opencontainers/image-spec/pull/694
[securejoin]: https://github.com/cyphar/filepath-securejoin
-------------------------------------------------------------------
Wed Apr 12 09:46:18 UTC 2017 - jmassaguerpla@suse.com
- remove the go_arches macro because we are using go1.7 which
is available in all archs
is available in all archs
-------------------------------------------------------------------
Wed Apr 12 01:05:12 UTC 2017 - asarai@suse.com